Integer overflow in xpath.c allows context-dependent attackers
to cause a denial of service (crash) and possibly execute
arbitrary code via a crafted XML file that triggers a heap-based
buffer overflow when adding a new namespace node, related to
handling of XPath expressions.
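
The bug class named above (an integer overflow in a size computation that leaves a heap buffer shorter than the code assumes), shown as an added example that is not libxml2's code. The node_set type, the function names and the array-doubling growth strategy are hypothetical and assumed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical growable node array; not libxml2's structure. */
typedef struct { size_t len, cap; void **tab; } node_set;

/* Weak pattern: the byte count is computed in 32 bits, so it can wrap to
 * a small value and the allocation ends up shorter than the caller assumes. */
uint32_t unchecked_grow_bytes(uint32_t cap, uint32_t elem_size) {
    return cap * 2u * elem_size;
}

/* Hardened pattern: refuse to grow when doubling the capacity or computing
 * the byte count would overflow. Returns 0 on success, -1 on refusal. */
int checked_grow(node_set *s) {
    size_t new_cap = 8;                      /* initial capacity */
    if (s->cap) {
        if (s->cap > SIZE_MAX / 2) return -1;
        new_cap = s->cap * 2;
    }
    if (new_cap > SIZE_MAX / sizeof(void *)) return -1;
    void **t = realloc(s->tab, new_cap * sizeof(void *));
    if (t == NULL) return -1;                /* old buffer is still valid */
    s->tab = t;
    s->cap = new_cap;
    return 0;
}

/* Append a node pointer, growing first so the write is always in bounds. */
int node_set_add(node_set *s, void *node) {
    if (s->len == s->cap && checked_grow(s) != 0) return -1;
    s->tab[s->len++] = node;
    return 0;
}

int main(void) {
    node_set s = {0, 0, NULL};
    int dummy = 0;                           /* constructed stand-in node */
    for (int i = 0; i < 100; i++)
        if (node_set_add(&s, &dummy) != 0) return 1;
    free(s.tab);
    /* 0x20000000 * 2 * 8 wraps to 0 in 32-bit arithmetic. */
    return unchecked_grow_bytes(0x20000000u, 8u) == 0 ? 0 : 1;
}
```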

libxml2 is affected by the expansion of internal entities
(which can be used to consume resources) and external entities
(which can cause a denial of service against other services,
be used to port scan, etc.).